Cannot create a project in a private group if visibility levels are restricted.

Summary

When setting an instance with restricted visibility levels for public and private projects and attempting to create a project in a private group will cause all the visibility levels to be grayed out. The project will give the error Visibility level private has been restricted by your GitLab administrator.

Steps to reproduce

1. Restricted visibility levels for public and private projects instance-wide.
2. In a private group, create a project.

What is the current bug behavior?

Project will not be created and will show a confusing error.

What is the expected correct behavior?

Not sure what is the best option here, but it is confusing behavior. Should private groups be able to exist if private projects are restricted? Or should private groups be able to have projects set to other permissions other than private?

https://gitlab.zendesk.com/agent/tickets/111286 (for internal use) Tested on 11.6.1-ee.

Proposal

1. Update verbiage in Admin Area > General > Visibility and access controls

• Restrict public: If selected, only logged-in users will be able to see user profiles.
• Restrict internal: If selected, only admin users will be able to create internal projects.
• Restrict private: If selected, only admin users will be able to create projects in private groups.

2. If the settings result in a situation where a user can not create a project (private is restricted and a non-admin user has navigated to a private group) the button to create a new project should be removed.